64dff61ee6bc97ce9853d1653c3e442c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64dff61ee6bc97ce9853d1653c3e442c_JaffaCakes118
Size

213KB
MD5

64dff61ee6bc97ce9853d1653c3e442c
SHA1

02fd33ee119b548f037117489d0e02e934cf0099
SHA256

1f0b1cb8c19d36c630066900a8a96d1f52ff6becadfa6c3cd280096f8a56babb
SHA512

51a5765470ec2b2323ccb7100cf4dca7e8db759b9b962d0ef2e1afb43edba827c8825f73fc959a154fabd269f8008ce393872dbc841409a2f87aa3bef956b15c
SSDEEP

3072:bJepFXpHzb+rlBQLIcJ5aRRJ0/WPG83WNwIrxhRrGCeGmodqjH8hL:tuFdzb+rlBQfg4/WPGS/mqL8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64dff61ee6bc97ce9853d1653c3e442c_JaffaCakes118

Files

64dff61ee6bc97ce9853d1653c3e442c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a6388c14334319fcbd53a76810bdaaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\aJbepIv\jwCyumypouD\qDvojUivKL.pdb

Imports

advapi32

OpenBackupEventLogW

gdi32

SetLayout
GetBkMode
ExtFloodFill
LPtoDP
CreateFontA
SelectClipRgn
SetRectRgn
OffsetRgn
GetObjectW
GetTextExtentPoint32W
BeginPath
Rectangle
GetTextExtentPointW
GetTextExtentExPointW
SetBkColor

msvcrt

fprintf
isprint
floor
_controlfp
atoi
fputc
__set_app_type
__p__fmode
getc
__p__commode
_amsg_exit
_initterm
strcspn
mktime
_acmdln
exit
memcpy
gets
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
mbstowcs
__getmainargs

kernel32

GetProfileIntA
IsBadCodePtr
GetWindowsDirectoryA
MoveFileA
CopyFileA
SearchPathA
FormatMessageA
SetLocalTime
GetBinaryTypeW
lstrcpyA
GetCommTimeouts
LoadLibraryExW
SetThreadContext
lstrcpynA
GetLongPathNameW
FindClose
GetShortPathNameA
GetFileSize

user32

SetForegroundWindow
GetDlgCtrlID
GetSystemMenu
GetSysColor
GetWindowTextA
EnableMenuItem
IsChild
GetDlgItem
GetAsyncKeyState
GetUpdateRgn
TranslateAcceleratorW
CreateIconFromResource
GetFocus
LoadIconA
CharUpperA
MonitorFromRect
UnloadKeyboardLayout
ModifyMenuW
SendMessageTimeoutA
CheckMenuItem
GetMessageTime
PostMessageA
EnumWindows
FindWindowA
TranslateAcceleratorA
CharNextExA
IsCharAlphaNumericA
CharToOemW
IsCharAlphaW
TrackPopupMenuEx
GetIconInfo
SetCaretPos
GetMenuState
CharNextA

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt
?ExecuteImageEUYIDH@@YGKEPA_WG@Z

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat_0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_1
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdiag
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_2
Size: 1024B - Virtual size: 861B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mem
Size: - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydiag
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a6388c14334319fcbd53a76810bdaaf

Headers

File Characteristics

PDB Paths

Imports

advapi32

gdi32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.idat Size: 512B - Virtual size: 392B

.data Size: 3KB - Virtual size: 2KB

.dat_0 Size: 2KB - Virtual size: 1KB

.dat_1 Size: 512B - Virtual size: 168B

.xdiag Size: 512B - Virtual size: 28B

.dat_2 Size: 1024B - Virtual size: 861B

.mem Size: - Virtual size: 83KB

.ydiag Size: 512B - Virtual size: 62B

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 65KB

.idat
Size: 512B - Virtual size: 392B

.data
Size: 3KB - Virtual size: 2KB

.dat_0
Size: 2KB - Virtual size: 1KB

.dat_1
Size: 512B - Virtual size: 168B

.xdiag
Size: 512B - Virtual size: 28B

.dat_2
Size: 1024B - Virtual size: 861B

.mem
Size: - Virtual size: 83KB

.ydiag
Size: 512B - Virtual size: 62B

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 2KB - Virtual size: 1KB